The British government's national computer emergency response team investigated 658 serious cybersecurity incidents and supported nearly 900 victim organizations in the 12-month period ending in August.

For the majority of the incidents investigated by the U.K. National Cyber Security Center, part of intelligence agency GCHQ, the center was the first to alert organizations that they had fallen victim to an online attack.

During the same 12-month time period, NCSC scuttled 177,000 phishing URLs, two-thirds of which were eliminated less than 24 hours after they first appeared.

Those are some of the highlights contained in the NCSC's third annual review, released on Wednesday at a press conference at the organization's headquarters in London.

"First, this is a three-year record of strong, practical success, whether that's stopping more than 1 million credit cards being used fraudulently by criminals, whether that's exposing dangerous Russian groups attacking our partners across the globe pretending to be Iranians, or whether it's automatically protecting government networks by checking billions of connections every month and blocking more than 10 million suspect connections, or whether it's working with thousands of charities and small businesses directly," Martin said.

"We are delivering for the U.K. But there's a part two. Some attackers are still doing the same things over and over again, and too often they're getting through. But there are things that you and I can do as individuals, and that organizational leaders can do to get ahead of the problem."

Martin added: "All of us can use sensible, practical measures like better passwords, two-factor authentication and backups, and more organizations can scan for vulnerabilities and fix them and have strategies to counter phishing attacks. Do that and so much of the problem goes away and we can focus on the big challenges of the future." (See: Party Like Every Day Is World Password Day).

Combatting Cyberattacks

As the world has continued to become ever more internet-connected, and online attacks have surged, NCSC has continued to see increased demand for its expertise and support, said Oliver Dowden, a Conservative MP who since July has served as the government's paymaster general and minister for the cabinet office.

"The common theme of the NCSC's work, whether it's protecting critical national infrastructure or strengthening the security of the internet of things, is that it is rooted in cyber's increasing relevance to people's day-to-day lives," he said at the press conference. "And it's precisely because cyberattacks affect everyone and the things that we value that we all need to play a critical role in protecting them."

"In October 2018, that meant exposing Russian military attacks on political institutions and business, media and sporting interests - the World Anti-Doping Agency in Lausanne was a target," Dowden said. "This week, it exposed how suspected Russian-based cyber hackers had piggybacked on the illegal operations and methods of a group of Iranian-led hackers, targeting 35 countries." (See: Russian Hackers Coopted Iranian APT Group's Infrastructure).

But the volume of attacks continues to increase and organizations continue to fall victim. "Over a third of U.K. businesses suffered a cyber breach or attack in 2018," Dowden said.

Critical Infrastructure Security

NCSC headquarters in London (Photo: Mathew Schwartz)

The government is pursuing measures to improve cybersecurity, including across the critical infrastructure.

NCSC's Active Defense Program, for example, helps identify malicious websites and notify owners to take them down; it also scans public security organizations' emails to combat phishing attacks.

The NCSC Cyber Accelerator, funded by the government's Department for Digital, Culture, Media and Sport, encourages and supports British cybersecurity startup businesses.

DCMS and the NCSC have also worked together on the Secure by Design program, meant to strengthen the security of IoT devices by giving manufacturers a code of practice for building internet-connected devices (see: War Declared on Default Passwords).

New Cybersecurity Regulations Forthcoming

The government has also signaled its intention to create new cybersecurity regulations governing the nation's telecommunications infrastructure, following a DCMS-led supply chain review of the sector (see Huawei's Role in 5G Networks: A Matter of Trust).

"The review's major conclusion that the government will pursue a robust new security framework for telecoms, will be supported by the NCSC's current risk-mitigation model, which will be adapted as necessary as telecoms networks evolve towards 5G and full-fiber coverage," according to the NCSC's third annual review. "This new framework will be placed on a statutory footing once government legislates to strengthen the enforcement powers of the telecoms regulator, Ofcom, and to provide new national security powers for government to respond to supply chain risks in the future."

Speaking at the press conference, Susannah Storey, who since last month has served as director general for digital and media policy in the U.K. Department for Digital, Culture, Media and Sport, signaled that more cybersecurity regulations may be forthcoming.

Susannah Storey, director general for digital and media policy in the Department for Digital, Culture, Media and Sport, speaks at the launch of NCSC's third annual review. (Photo: Mathew Schwartz)

"Government regulation and creation of further incentives to promote industry action will have a role to play, and DCMS has begun a review of the landscape, with the aim of identifying what further government interventions will be required to ensure that good cybersecurity practices are normalized right across the economy," she said. "We also need to consider what more government can do to remove as much of the burden of security for businesses and individuals, mitigating the risk before it affects victims, whenever possible."

About the Author

Schwartz is an award-winning journalist with two decades of experience in magazines, newspapers and electronic media. He has covered the information security and privacy sector throughout his career. Before joining Information Security Media Group in 2014, where he now serves as the executive editor, DataBreachToday and for European news coverage, Schwartz was the information security beat reporter for InformationWeek and a frequent contributor to DarkReading, among other publications. He lives in Scotland.

Operation Success!

Risk Management Framework: Learn from NIST

From heightened risks to increased regulations, senior leaders at all levels are pressured to
improve their organizations' risk management capabilities. But no one is showing them how -
until now.

Learn the fundamentals of developing a risk management program from the man who wrote the book
on the topic: Ron Ross, computer scientist for the National Institute of Standards and
Technology. In an exclusive presentation, Ross, lead author of NIST Special Publication 800-37
- the bible of risk assessment and management - will share his unique insights on how to:

Understand the current cyber threats to all public and private sector organizations;

Develop a multi-tiered risk management approach built upon governance, processes and
information systems;